Oval Definition:	oval:org.opensuse.security:def:56170
Revision Date: 2020-12-01 Version: 1 Title: Security update for dbus-1 (Moderate) Description: This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc#1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default configuration for the session bus to only allow EXTERNAL authentication (secure kernel-mediated credentials-passing), as was already done for the system bus. - Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008) - Ensure that dbus-monitor does not reply to messages intended for others (fdo#90952) - Add locking to DBusCounter's reference count and notify function (fdo#89297) - Ensure that DBusTransport's reference count is protected by the corresponding DBusConnection's lock (fdo#90312) - Correctly release DBusServer mutex before early-return if we run out of memory while copying authentication mechanisms (fdo#90021) - Correctly initialize all fields of DBusTypeReader (fdo#90021) - Fix some missing \n in verbose (debug log) messages (fdo#90004) - Clean up some memory leaks in test code (fdo#90021) Family: unix Class: patch Status: Reference(s): 1003898 1008965 1012504 1012632 1018556 1019332 1020077 1022263 1022264 1022265 1022283 1022284 1022553 1023041 1040311 1040312 1040313 1050577 1050578 1050579 1050581 1052481 1055960 1125352 295284 831120 833251 848014 853048 853049 858311 860092 860163 860165 860300 860302 861256 863297 912457 934299 934524 934525 934526 934527 934528 934529 936909 948244 949022 953382 958582 958583 958584 958586 960996 962743 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-0946 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-3297 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2497 CVE-2010-2805 CVE-2010-2939 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-0226 CVE-2011-0541 CVE-2011-3146 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0804 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-0166 CVE-2013-0169 CVE-2013-1881 CVE-2013-2212 CVE-2013-4353 CVE-2013-6400 CVE-2013-6449 CVE-2013-6450 CVE-2013-6885 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-1642 CVE-2014-1666 CVE-2014-1891 CVE-2014-1892 CVE-2014-1893 CVE-2014-1894 CVE-2014-1895 CVE-2014-1896 CVE-2014-1950 CVE-2014-2240 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-8275 CVE-2014-9636 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2014-9732 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3202 CVE-2015-3216 CVE-2015-4000 CVE-2015-4467 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-7575 CVE-2015-8126 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 CVE-2017-1000117 CVE-2017-11624 CVE-2017-11625 CVE-2017-11626 CVE-2017-11627 CVE-2017-12595 CVE-2017-2616 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 CVE-2019-6454 SUSE-SU-2015:2215-1 SUSE-SU-2016:0164-1 SUSE-SU-2016:0256-1 SUSE-SU-2017:0292-1 SUSE-SU-2017:0468-1 SUSE-SU-2017:0555-1 SUSE-SU-2017:2320-1 SUSE-SU-2018:3066-1 SUSE-SU-2019:0425-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information freerdp-2.0.0~rc2-lp150.1 is installed OR libfreerdp2-2.0.0~rc2-lp150.1 is installed OR libwinpr2-2.0.0~rc2-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libipa_hbac-devel-1.16.1-lp151.7.3 is installed OR libipa_hbac0-1.16.1-lp151.7.3 is installed OR libnfsidmap-sss-1.16.1-lp151.7.3 is installed OR libsss_certmap-devel-1.16.1-lp151.7.3 is installed OR libsss_certmap0-1.16.1-lp151.7.3 is installed OR libsss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_simpleifp-devel-1.16.1-lp151.7.3 is installed OR libsss_simpleifp0-1.16.1-lp151.7.3 is installed OR python3-ipa_hbac-1.16.1-lp151.7.3 is installed OR python3-sss-murmur-1.16.1-lp151.7.3 is installed OR python3-sss_nss_idmap-1.16.1-lp151.7.3 is installed OR python3-sssd-config-1.16.1-lp151.7.3 is installed OR sssd-1.16.1-lp151.7.3 is installed OR sssd-32bit-1.16.1-lp151.7.3 is installed OR sssd-ad-1.16.1-lp151.7.3 is installed OR sssd-dbus-1.16.1-lp151.7.3 is installed OR sssd-ipa-1.16.1-lp151.7.3 is installed OR sssd-krb5-1.16.1-lp151.7.3 is installed OR sssd-krb5-common-1.16.1-lp151.7.3 is installed OR sssd-ldap-1.16.1-lp151.7.3 is installed OR sssd-proxy-1.16.1-lp151.7.3 is installed OR sssd-tools-1.16.1-lp151.7.3 is installed OR sssd-wbclient-1.16.1-lp151.7.3 is installed OR sssd-wbclient-devel-1.16.1-lp151.7.3 is installed OR sssd-winbind-idmap-1.16.1-lp151.7.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xen-4.2.4_02-0.7 is installed OR xen-doc-html-4.2.4_02-0.7 is installed OR xen-doc-pdf-4.2.4_02-0.7 is installed OR xen-kmp-default-4.2.4_02_3.0.101_0.15-0.7 is installed OR xen-kmp-pae-4.2.4_02_3.0.101_0.15-0.7 is installed OR xen-libs-4.2.4_02-0.7 is installed OR xen-libs-32bit-4.2.4_02-0.7 is installed OR xen-tools-4.2.4_02-0.7 is installed OR xen-tools-domU-4.2.4_02-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libmspack-0.0.20060920alpha-74.10 is installed OR libmspack0-0.0.20060920alpha-74.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information dbus-1-1.8.22-24.2 is installed OR dbus-1-x11-1.8.22-24.2 is installed OR libdbus-1-3-1.8.22-24.2 is installed OR libdbus-1-3-32bit-1.8.22-24.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.2-1 is installed OR librsvg-2-2-2.40.2-1 is installed OR librsvg-2-2-32bit-2.40.2-1 is installed OR rsvg-view-2.40.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information git-2.12.3-27.5 is installed OR git-core-2.12.3-27.5 is installed OR git-doc-2.12.3-27.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libgnomesu-2.0.0-353.6 is installed OR libgnomesu-lang-2.0.0-353.6 is installed OR libgnomesu0-2.0.0-353.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libpango-1_0-0-1.40.1-9 is installed OR libpango-1_0-0-32bit-1.40.1-9 is installed OR typelib-1_0-Pango-1_0-1.40.1-9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.14.3-11.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.1-11.30 is installed
BACK